Java AES Encryption Decryption Example

Java support many secure encryption algorithms but some of them are weak to be used in security-intensive applications. For example, the Data Encryption Standard (DES) encryption algorithm is considered highly insecure; messages encrypted using DES have been decrypted by brute force within a single day by machines such as the Electronic Frontier Foundation’s (EFF) Deep Crack.

A more secure encryption algorithm is AES – Advanced Encryption Standard which is a symmetric encryption algorithm. AES encryption is used by U.S. for securing sensitive but unclassified material, so we can say it is enough secure.

And when using block cipher (AES, 3DES), you should use CTR (Counter mode) or CBC mode with RANDOM IV. But CTR or CBC mode just prevent against eavesdropping attackers, and is NOT secure again active attackers who can modify, reject, delete packets. To prevent against active attackers, you should use Authenticated Encryption like Encrypt-then-MAC.